Check out OpenSolaris, you will probably dig it ans ZFS :) I don't
care much for telnet however.
On 2/12/07, Damien Hull <dhull@digitaloverload.net> wrote:
> I have two questions for you.
>
> 1. Why would you run Solaris?
> 2. Why would you run telnet?
>
>
>
> Tom Simes wrote:
> > http://isc.sans.org/diary.html?storyid=2220
> >
> > From the article (Published: 2007-02-12):
> > There is a major zero day bug announced in solaris 10 and 11 with the
> > telnet and login combination. It has been verified.
> > ...
> > The issue:
> > The telnet daemon passes switches directly to the login process which
> > looks for a switch that allows root to login to any account without a
> > password. If your telnet daemon is running as root it allows
> > unauthenticated remote logins
> > ...
> > Versions of Solaris 9 and lower do not appear to have this
> > vulnerability.
> > ...
> > The FIX:
> > To disable telnet in solaris 10 or 11 this command should work.
> > svcadm disable telnet
> >
> > Tom
> >
> > ======================================================================
> > "Z-80 system stack overflow. Shut 'er down Scotty, the system's
> > sucking mud" - Error message on TRS 80 Model-16B
> >
> > Tom Simes simestd@netexpress.com
> > ======================================================================
> > ---------
> > To unsubscribe, send email to <aklug-request@aklug.org>
> > with 'unsubscribe' in the message body.
> >
> >
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Feb 12 12:09:01 2007
This archive was generated by hypermail 2.1.8 : Mon Feb 12 2007 - 12:09:01 AKST